// RUN: %clang_dfsan -fno-sanitize=dataflow -O2 -fPIE -DCALLBACKS -c %s -o %t-callbacks.o
// RUN: %clang_dfsan -gmlt -fsanitize-ignorelist=%S/Inputs/flags_abilist.txt -O2 -mllvm -dfsan-reaches-function-callbacks=1 %s %t-callbacks.o -o %t
// RUN: %run %t 2>&1 | FileCheck %s
// RUN: %clang_dfsan -fno-sanitize=dataflow -O2 -fPIE -DCALLBACKS -DORIGIN_TRACKING -c %s -o %t-callbacks.o
// RUN: %clang_dfsan -gmlt -fsanitize-ignorelist=%S/Inputs/flags_abilist.txt -O2 -mllvm -dfsan-reaches-function-callbacks=1 -mllvm -dfsan-track-origins=2 %s %t-callbacks.o -o %t
// RUN: %run %t 2>&1 | FileCheck --check-prefix=CHECK-ORIGIN-TRACKING %s
// Tests that callbacks are inserted for reached functions when
// -dfsan-reaches-function-callbacks is specified.
#include <assert.h>
#include <stdio.h>
#include <string.h>
#include <sanitizer/dfsan_interface.h>
#ifdef CALLBACKS
// Compile this code without DFSan to avoid recursive instrumentation.
void my_dfsan_reaches_function_callback(dfsan_label label, dfsan_origin origin,
const char *file, unsigned int line,
const char *function) {
#ifdef ORIGIN_TRACKING
dfsan_print_origin_id_trace(origin);
#else
printf("%s:%d %s\n", file, line, function);
#endif
}
#else
__attribute__((noinline)) uint64_t add(uint64_t *a, uint64_t *b) {
return *a + *b;
// CHECK: reaches_function.c:[[# @LINE - 1]] add.dfsan
// CHECK-ORIGIN-TRACKING: Origin value: 0x10000002, Taint value was stored to memory at
// CHECK-ORIGIN-TRACKING: #0 {{.*}} in add.dfsan {{.*}}reaches_function.c:[[# @LINE - 3]]:{{.*}}
// CHECK-ORIGIN-TRACKING: Origin value: 0x1, Taint value was created at
// CHECK-ORIGIN-TRACKING: #0 {{.*}} in main {{.*}}reaches_function.c:{{.*}}
}
extern void my_dfsan_reaches_function_callback(dfsan_label label,
dfsan_origin origin,
const char *file,
unsigned int line,
const char *function);
int main(int argc, char *argv[]) {
dfsan_set_reaches_function_callback(my_dfsan_reaches_function_callback);
uint64_t a = 0;
uint64_t b = 0;
dfsan_set_label(8, &a, sizeof(a));
uint64_t c = add(&a, &b);
// CHECK: reaches_function.c:[[# @LINE - 1]] main
// CHECK-ORIGIN-TRACKING: Origin value: 0x10000002, Taint value was stored to memory at
// CHECK-ORIGIN-TRACKING: #0 {{.*}} in add.dfsan {{.*}}reaches_function.c:{{.*}}
// CHECK-ORIGIN-TRACKING: Origin value: 0x1, Taint value was created at
// CHECK-ORIGIN-TRACKING: #0 {{.*}} in main {{.*}}reaches_function.c:[[# @LINE - 6]]:{{.*}}
return c;
}
#endif // #ifdef CALLBACKS